# Google Cloud Integration

{% hint style="success" %}
To integrate GCP, you must first integrate Google Workspace.
{% endhint %}

### Step 1 - Enable Required Google Cloud APIs <a href="#h_01hap257fw6xwsh0jyx70vvm8d" id="h_01hap257fw6xwsh0jyx70vvm8d"></a>

1. Log in to the Google Cloud console with **organization administrator** credentials.
2. Start Cloud Shell by clicking the CLI icon on the right side of the bar.
3. In the shell interface, enter the following script to enable the required API access in all of the projects that Rezonate should protect.

```bash
# Enable the four read APIs in every project visible to the current account.
for project in $(gcloud projects list --format="value(projectId)")
do
    echo "ProjectId:  $project"
    gcloud services enable cloudresourcemanager.googleapis.com --project="$project"
    gcloud services enable recommender.googleapis.com --project="$project"
    gcloud services enable cloudasset.googleapis.com --project="$project"
    gcloud services enable policyanalyzer.googleapis.com --project="$project"
done
```

Enabling these APIs allows us to enumerate resources, privileges, and other capabilities.

**List of APIs and their usage**

| API Endpoint                        | Why Rezonate Requests This Endpoint                                                    |
| ----------------------------------- | -------------------------------------------------------------------------------------- |
| cloudresourcemanager.googleapis.com | This API allows reading of the organizational structure and objects in it.             |
| recommender.googleapis.com          | This API allows the reading of Google insights regarding your organization.            |
| cloudasset.googleapis.com           | This API allows the reading of resources within your projects.                         |
| policyanalyzer.googleapis.com       | This API allows the reading of policies throughout the whole organizational structure. |


### Step 2 - Grant Rezonate Access to Your Google Cloud Organization <a href="#h_01hap257fwprw4awr9krbht3mh" id="h_01hap257fwprw4awr9krbht3mh"></a>

1. Head over to the [IAM](https://console.cloud.google.com/iam-admin/iam) page. Use the organization/project drop-down list to choose your **Organization**.

2. Click **Grant Access**.

3. In the New Principals box, enter the email address provided by Rezonate - **<rezonate@rezonapp.iam.gserviceaccount.com>**, to establish trust between the organizations.

4. In the Role boxes, grant the new service account the following read-only roles, at the **organization level**:
   1. Browser
   2. Security Reviewer
   3. Viewer

5. Click **Save**.

6. On the same page, you should now be able to see that Rezonate’s service account was assigned the roles you added. ![](https://rezonate.zendesk.com/hc/article_attachments/11076728898333)

7. Save and send your **organization ID** and the **project IDs** you wish Rezonate to protect. ![](https://rezonate.zendesk.com/hc/article_attachments/11076755943453)

8. Execute the following commands to retrieve your organization ID and the list of all project IDs, then filter the list down to the projects you want Rezonate to access:

```bash
gcloud projects list --format="value(projectId)"
gcloud organizations list --format="value(ID)"
```
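Step 6 confirms the role assignment by eye in the console; the check can also be scripted so that any role beyond the three read-only ones is flagged. The following is an added example, not Rezonate's own tooling: the function name `audit_roles`, the role IDs assumed for Browser, Security Reviewer and Viewer, and the tab-separated `role<TAB>member` input are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: audit the organization-level roles held by the Rezonate
# service account. audit_roles is a hypothetical helper, not a gcloud command.

# Principal from Step 2, in IAM member syntax.
SA="serviceAccount:rezonate@rezonapp.iam.gserviceaccount.com"
# Assumed role IDs for the display names Browser, Security Reviewer, Viewer.
EXPECTED="roles/browser roles/iam.securityReviewer roles/viewer"

# Reads "role<TAB>member" lines on stdin, one binding per line.
# Prints MISSING / UNEXPECTED findings and returns 0 only when the
# service account holds exactly the expected roles.
audit_roles() {
  ar_missing=""
  ar_extra=""
  ar_granted=$(awk -F'\t' -v m="$SA" '$2 == m { print $1 }' | sort -u)
  for ar_role in $EXPECTED; do
    printf '%s\n' "$ar_granted" | grep -qxF "$ar_role" \
      || ar_missing="$ar_missing $ar_role"
  done
  for ar_role in $ar_granted; do
    case " $EXPECTED " in
      *" $ar_role "*) ;;                       # expected read-only role
      *) ar_extra="$ar_extra $ar_role" ;;      # anything else is excess access
    esac
  done
  if [ -n "$ar_missing" ]; then echo "MISSING:$ar_missing"; fi
  if [ -n "$ar_extra" ]; then echo "UNEXPECTED:$ar_extra"; fi
  [ -z "$ar_missing$ar_extra" ]
}

# Live use in Cloud Shell (ORG_ID is a placeholder for your organization ID):
#   gcloud organizations get-iam-policy "$ORG_ID" \
#     --flatten="bindings[].members" \
#     --format="value(bindings.role,bindings.members)" | audit_roles
```

This covers organization-level bindings only; roles granted to the same account directly on a folder or project do not appear in the organization policy and need the same check against those policies.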
